Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome gdk-pixbuf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-48622
In GNOME GdkPixbuf (aka gdk-pixbuf) up to and including 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A crafted file could allow an malicious user to overwrite heap ...
Gnome Gdkpixbuf
NA
CVE-2021-46829
GNOME GdkPixbuf (aka GDK-PixBuf) prior to 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflow is controllable and could be abused for code execution, especially on 32-bit...
Gnome Gdk-pixbuf
Fedoraproject Fedora 35
Debian Debian Linux 11.0
6.8
CVSSv2
CVE-2021-44648
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12.
Gnome Gdkpixbuf 2.42.6
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
8.3
CVSSv2
CVE-2021-20240
A flaw was found in gdk-pixbuf in versions prior to 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat...
Gnome Gdk-pixbuf
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2020-29385
GNOME gdk-pixbuf (aka GdkPixbuf) prior to 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop will assign self->cod...
Gnome Gdk-pixbuf
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.5
CVSSv2
CVE-2011-2897
gdk-pixbuf up to and including 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw
Gnome Gdk-pixbuf
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2017-12447
GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows malicious users to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder.
Gnome Nautilus 3.14.3
Gnome Gdk-pixbuf 2.32.2
6.8
CVSSv2
CVE-2017-1000422
Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution
Gnome Gdk-pixbuf
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
6.8
CVSSv2
CVE-2017-2862
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulner...
Gnome Gdk-pixbuf 2.36.6
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2017-2870
An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger th...
Gnome Gdk-pixbuf 2.36.6
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »